
Feature Request - new level of security

I have an idea how to bring the security of 1Password to a new level. Installation of 1Password on a desktop/laptop computer and a mobile device is required for this.

Probably the biggest security risk with using 1Password is if the computer that 1Password is installed on gets compromised by some kind of trojan horse. Then everything can happen. The master password could be derived while typing, the 1Password database copied somewhere else, and the attacker would have access to all the data.

Since a lot of people will have an iPhone/iPad/iPod with 1Password installed on it, this installation could be used to increase the security of 1Password on the desktop computer.

This could be achieved if the desktop computer does not use its own 1Password database but retrieves data from the mobile device. Networking functions between the desktop and mobile installations of 1Password have already been implemented for syncing the 1Password database. 1Password could be enhanced by putting 1Password on the mobile device into some sort of server mode from which the desktop installation of 1Password retrieves data. Each time the desktop edition wants to retrieve data, the user has to accept the request on the mobile device. Thereby, no data can be retrieved secretly by malware on the desktop.

Necessary steps to establish this kind of security:

1. Couple 1Password on the mobile device and the desktop. This has to be done only once like bluetooth device pairing.

2. On the mobile device, start 1Password and put it in "server mode" when access to 1Password data will be needed.

3. Now surf the web and use the 1Password plugin like always. Every time the user wants to fill in secret data on a web site, the plugin requests the data from 1Password on the mobile device. The user has to accept the request. In this mode, all changes ("would you like to update the data for account...") happen on the mobile device and are synced back encrypted to the desktop.

I think such functionality could be implemented with moderate effort while providing an unprecedented level of security. The impact on the user experience/comfort is very low. Just pressing a button to accept a request in exchange for a new level of security seems acceptable to me. Nobody will be forced to use this feature, since it would have to be optional anyway.
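As an added sketch of the flow proposed above (example code, not 1Password's own; how the pairing key is exchanged, the transport, and the vault encryption are assumed out of scope): the phone holds the vault, the desktop holds only the pairing key, and each lookup is a signed single-use request that returns one record only after the user accepts it.

```python
import hashlib, hmac, json, secrets

def pair() -> bytes:
    """One-time pairing, like Bluetooth: both devices keep the same random key."""
    return secrets.token_bytes(32)

class MobileVault:
    """The phone in 'server mode': it holds the only copy of the vault."""
    def __init__(self, key, records, approve):
        self.key, self.records, self.approve = key, records, approve
        self.seen = set()   # nonces already answered, so a captured request cannot be replayed
        self.log = []       # (outcome, site) for every request the phone saw
    def handle(self, msg: bytes, tag: bytes):
        # 1. Only the paired desktop can produce a valid tag for this key.
        expected = hmac.new(self.key, msg, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            self.log.append(("bad-signature", None))
            return None
        req = json.loads(msg)
        if req["nonce"] in self.seen:
            self.log.append(("replay", req["site"]))
            return None
        self.seen.add(req["nonce"])
        # 2. Nothing leaves the phone until the user accepts this request.
        ok = self.approve(req["site"])
        self.log.append(("accepted" if ok else "denied", req["site"]))
        # 3. Only the record for the requested site is returned, never the vault.
        return self.records.get(req["site"]) if ok else None

class DesktopClient:
    """The browser-plugin side: it has the pairing key but no vault data."""
    def __init__(self, key, vault):
        self.key, self.vault = key, vault
    def sign(self, site: str):
        msg = json.dumps({"site": site, "nonce": secrets.token_hex(8)}).encode()
        return msg, hmac.new(self.key, msg, hashlib.sha256).digest()
    def fill(self, site: str):
        return self.vault.handle(*self.sign(site))

def demo(approve):
    """Constructed sample vault; `approve(site)` stands in for the user's tap."""
    key = pair()
    vault = MobileVault(key, {"example.com": ("alice", "pw1"), "bank.example": ("alice", "pw2")}, approve)
    desktop = DesktopClient(key, vault)
    malware = DesktopClient(secrets.token_bytes(32), vault)  # trojan without the pairing key
    msg, tag = desktop.sign("bank.example")
    return {"legit": desktop.fill("example.com"),
            "malware": malware.fill("example.com"),
            "replay": (vault.handle(msg, tag), vault.handle(msg, tag)),
            "log": vault.log}
```

The `log` list is what the phone could show the user afterwards: every request, including the ones that failed the signature check, is visible there.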

Comments

  • khad (Social Choreographer)
    Welcome to the forums, hoehenunterschied!

    That is certainly an interesting idea. We will see how it fits in with our current roadmap for 1Password. Thanks for taking the time to suggest it! :-)
  • Two Factor Authentication.
    Google has just added this functionality... generates a unique code with a time-limit. Does 1P have plans for adding this feature? Thanks!

    http://googleblog.blogspot.com/2011/02/advanced-sign-in-security-for-your.html
  • khad (Social Choreographer)
    I do not have anything to announce at this time, but we will certainly continue to evaluate the possibility. Thanks for letting us know you are interested!
  • brenty
    edited March 2011
    [quote name='hoehenunterschied' timestamp='1296976808' post='20131']
    Each time the desktop edition wants to retrieve data, the user has to accept the request on the mobile device. Thereby, no data can be retrieved secretly by malware on the desktop.
    [/quote]

    I really like this idea as a starting point. However, I think it's important to ensure that there is a failsafe. If, for example, my phone is lost, stolen, or otherwise inoperable, there needs to be an alternative.

    Two-factor authentication is good, but I prefer [i]multi[/i]-factor to decrease my chances of getting hosed! B)

    I think many of us have been there, and this is the reason I have both on- and off-site backup for my data... because you never know. :unsure:

    By way of example, I use Blizzard's Mobile Authenticator app on my iPhone to generate one-time passwords to log into my Battle.net account. After upgrading my phone this past year, I discovered that -- surprise! -- the Mobile Authenticator's serial number is randomly generated on each piece of hardware it is installed on, therefore rendering the OTPs [i]it[/i] generated on my [i]new[/i] phone useless in my futile attempts to log in!

    Fortunately, the excited negligence that caused me to fail to either keep a copy of the serial number or remove the authenticator from my account temporarily also resulted in the idiot (me, of course) not bothering to wipe the old phone, so I was able to use my old app to log in and make the necessary changes. :rolleyes:

    ...

    Don't be like me!
